Saturday, October 26, 2013

If you have already enabled “2-Step Verification” for your Google account (or any other), you may be aware of what we are going to discuss today. For everyone else, “2-Step Verification” is simply another mechanism to keep your Google account safe from the “bad guys”.

Basically, when you enable 2-Step Verification (more generically, two-factor authentication), in addition to your user name and password combination the site will ask for a verification code as the second gateway to your account. As the primary option, Google offers SMS or voice call as the delivery mechanism for the verification code.

Or we can switch to the “Google Authenticator App”, which is freely available on the Play Store and the App Store. In this post I am going to discuss how we can implement our own 2-Step Verification. The Google Authenticator App is the client side of this story; Google has its own server side to enable the service for Google users, and we are going to have our own today.

This mechanism is powered by TOTP, the Time-Based One-Time Password algorithm. You can find the specification here.

The set of images below explains what is happening behind the scenes.

Figure 1.1 - Authentication server generates a key to share with the GA app.

Figure 1.2 - User enters the key into the GA app. No communication between the server and the GA app.

Figure 1.3 - Now both sides have the shared key.

Figure 1.4 - User authentication using the TOTP.

*Note that the app and the server did not communicate over the network by any means. Thus the possibility of leaking the secret is minimized.

OK, now we know what happens there, and it is time to get into the code and implement our own two-factor authentication. For this part we will develop a simple web application to demonstrate the server-side authentication part.

Deploy the web application to Tomcat. All done. It's time to test the application with the Google Authenticator App.

7.1 When the application is deployed, go to http://localhost:8080/GoogleAuthenticator/ and enter some user name and password. Make sure the checkbox is checked before sending the request. If you look at the AuthController code, it is the parameter that identifies whether this is an account set-up action or just a verification login.

7.2 When you submit with the checkbox checked, the server will respond with a QR code which holds your user name and SecretKey (Shared Key).

7.3 Now open up the Google Authenticator app on your phone. Select “Set up account” from the option menu.

7.4 Then select “Scan a barcode” from the option menu.

If you have installed a QR code reader app, GA will open it for you; otherwise you have to install a QR reader app.

7.5 After a successful scan, GA will add a new account and generate a new code for you, valid for 30 seconds.

Saturday, April 6, 2013

Introduction
Message-oriented middleware (MOM) is one of the essential parts when it comes to building SOA-based solutions. There are a number of MOMs out there. Integrating most of them for special use cases is somewhat tricky. Today in this blog post we are going to simulate the scenario below using WSO2 ESB and ActiveMQ as the JMS broker.

Scenario

A proxy service that takes JSON parameters and returns JSON output (REST POST on this proxy in order to receive a JSON response from the proxy).

Inside the proxy service, it should transform the received JSON into XML and put it in the OUT queue (on ActiveMQ).

Then the proxy continues and listens on the IN queue for a message with the correlation ID of the message that it just put into the OUT queue.

Some third-party application takes the messages from the OUT queue and, after doing its own operation on the message, puts the message back in the IN queue.

Once the proxy gets the message on the IN queue, it transforms it from XML to JSON and returns it as the result.

In the big picture, we called a REST web service by posting some JSON and received back some JSON. Internally, the web service converted JSON to XML, posted it to the OUT queue, waited for a message with the same correlation ID on the IN queue, transformed the message to JSON and returned it as the result of the proxy call.

Step-1 : Setting up the environment.
To set up the environment, please follow the steps below.
1. Open axis.xml, which is located in $ESB_HOME/repository/conf/axis2
2. Go to the Transport Ins (Listeners) section. Uncomment the transportReceiver appropriate for the JMS environment of your setup (for this sample we have used ActiveMQ).
3. Go to the Transport Outs (Senders) section. Uncomment the JMS transportSender.
4. Then put the client JARs for your JMS server in the Carbon classpath. In the case of Apache ActiveMQ, you need to put the following JARs in the classpath:
activemq-core.jar
geronimo-j2ee-management_1.0_spec-1.0.jar
geronimo-jms_1.1_spec-1.1.1.jar
The required dependencies are in the $ACTIVEMQ_HOME/lib directory. You need to copy these JAR files over to the $ESB_HOME/repository/components/lib directory.

Figure 1.1 shows our use case as a model.

Figure 1.1

*For the simulation of the scenario we can use another proxy service as the third-party application. It will take the XML messages from the OUT queue and put them in the IN queue.

Step-2 : Implementation.
1. A proxy that takes the JSON parameters of the REST API call, transforms them and puts them as an XML message into the ActiveMQ "OUT" queue. It then waits for some other application to put the same message (matched by correlation ID) into "OUT" (this is configured by passing the "transport.jms.ReplyDestination=IN" JMS parameter via the URL).

[Proxy configuration; surviving values: contentType = text/xml]

2. A proxy that simulates the third-party application, which takes the messages from OUT and puts them into IN. (This proxy will listen to OUT, and when a message comes into OUT it will pick it up and put it in the IN queue.)

[Proxy configuration; surviving values: contentType = application/xml, myQueueConnectionFactory, dynamicQueues/OUT]

Ultimately, the outer world will see this sample as a proxy service that takes JSON parameters and returns JSON parameters.

About Me

Kalpa Senanayake is a science and technology enthusiast who has over three years of professional software development experience working on multi-tiered applications using Java and open source technologies. He is specialised in Java and message-oriented middleware systems. He is currently working as a software engineer. He is interested in astrophysics, literature and stealth gaming.